The invention relates to a system for storing and distributing keys for cryptographically protected communication, the system comprising a plurality of terminals which are interconnectable, each terminal comprising a transmitter, a receiver, an enciphering and a deciphering arrangement and a memory arrangement storing the keys for enciphering the clear data to be transmitted by the terminal and deciphering the enciphered data to be received by the terminal.
Such a system is generally known.
In a network having N terminals there are (.sub.2.sup.N)=1/2 N (N-1) possible communication links between two terminals if it is assumed that the communication direction is not of significance. By storing in each terminal (N-1) keys a connection can be established to any other terminal, which connection is protected by a unique key. The key material for the overall network of N terminals can be represented as a N.N key matrix. A key matrix is a square matrix each element of which represents an enciphering or a deciphering key. The matrix has no elements on the main diagonal (communication of the terminal with itself is non-existent) and is symmetrical (the same key is used for communication between terminal i and terminal j and for the communication between j and i). By storing in each terminal the (N-1) keys shown in the relevant column (or the row) of the key matrix, each terminal (for example T.sub.i) can safely communicate with any other terminal (for example T.sub.j) via their common key (terminal T.sub.i utilizes key k.sub.ij and terminal T.sub. j utilizes key k.sub.ji, which keys are identical since the key matrix is symmetrical). This method, although simple, is not attractive if the number of terminals in the network is large, as the required storage capacity S in each terminal for storing the (N-1) keys amounts to (N-1).L bits, L being the length of the keys in bits. If N has a value of 10 000 and the key length L is 150 bits, then each terminal must have a storage capacity S of 1.5 Mbits.